Forum Discussion

CadenL's avatar
CadenL
Level 6
9 years ago

Adding new Exchange domain to EV site

Hi

I want to add a new Exchange Domain (Domain B) to an EVsite that exists in Domain A (separate Forests) 

Domain A hosts the EV server. the VSA and some Exchange servers already..... Domain B hosts some new Exchange servers that I want to archive from.

I think everything is almst in place as the Permissions have all been set on the Exchange servers and the new Domain and Exchange targets added.

 

My question is around the Provisioning Task and what I need to do (if anything) to get this to running ok against the new Domain. I get an error currently but it's verty vague - along the lines of "the task failed to complete"..... but before I start delving into this too much I just wnated to understand what I need to do in the new Domain.

My thoughts are that this is failing as the vault service account exists in the old domain (there are two way transivitive trusts setup) but I think the provisioning task is looking to user an account in the new domain that has read access to the relevent objects. Is it simply a case of creating an account in the new domain with the same name and password as the VSA  -eg:

if  VSA in Domain A is  DomainA\VSA with password of Pa55w0rd    I just create an account in Domain B with the same username and password eg

DomainB\VSA with password of Pa55w0rd

The technote http://www.veritas.com/docs/000070859 on configuring this says:

"Check that the VSA is a member of the Builtin Users group in the remote forest (Forest B\Domain B). This is to allow the domain enumeration to succeed when the provisioning task is running."

Does this mean to create a new user in the Builtin Users group with the same credentials or is there a way to add DomainA\VSA into the Domain B Builtin User group (as I can't see a way to do this).

thanks

 

  • just thinking out loud here but if you can't add users from one domain to a group in the other domain then how is the trust working?

  • just thinking out loud here but if you can't add users from one domain to a group in the other domain then how is the trust working?

  • It just started to work as expected so I guess it was a synchronisation issue - thanks all the same